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In the Claims 



Applicants include below a listing of claims as amended. 

1 . (Currently Amended) A method for managing access to a shared resource by a plurality 
of devices that are coupled to the shared resource via a network, the method including acts of: 

(a) in response to a non-media access request by a first of the plurality of devices to a 
logical device at the shared resource for which the first device has no data access privileges, 
determinin g, based, at least in part, on an identity of the first device, whether the first device is 
authorized to have non-media access to the logical device; and 

(b) authorizing the non-media access request when it is determined in the act (a) that 
the first device is authorized to have non-media access to the logical device. 

2. (Original) The method of claim 1, further including an act of: 

(c) denying the non-media access request when it is determined in the act (a) that the 
first device is not authorized to have non-media access to the logical device. 

3. (Original) The method of claim 2, wherein the act (c) includes an act of: 
ignoring the non-media access request. 

4. (Original) The method of claim 2, wherein the act (b) includes an act of: 
forwarding the non-media access request to a physical device corresponding to the logical 

device. 

5. (Original) The method of claim 1, wherein the non-media access request is an 
availability request to determine an availability of the logical device, and wherein the act (b) 
includes an act of: 

forwarding the availability request to a physical device corresponding to the logical 

device. 

6. (Original) The method of claim 1, further including acts of: 
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(c) in response to a data access request by the first device to the logical device, 
determining whether the first device has data access privileges to the logical device; and 

(d) authorizing the data access request when it is determined in the act (c) that the 
first device has data access privileges to the logical device. 

7. (Original) The method claim 6, further including an act of: 

(e) denying the data access request when it is determined in the act (c) that the first 
device has no data access privileges to the logical device. 

8. (Original) The method of claim 1, wherein the acts (a) and (b) are performed by a 
filter that controls access to a plurality of logical devices at the shared resource, the method 
further including an act of: 

(c) maintaining, in a data structure accessible to the filter, configuration information 
corresponding to the first device, the configuration information including; 

(1) first configuration information identifying each of the plurality of logical 
devices to which data access by the first device is authorized; and 

(2) whether non-media access is authorized to each of the plurality of logical 
devices for which the first configuration information identifies that no data access is 
authorized for the first device. 

9. (Original) The method of claim 8, wherein the act (a) includes an act of: 
examining the configuration information corresponding to the first device to determine 

whether the first device is authorized to have non-media access to the logical device. 

10. (Original) The method of claim 1, wherein the acts (a) and (b) are performed by a 
filter that controls access to a plurality of logical devices at the shared resource, the method 
further including an act of: 

(c) maintaining, in a data structure accessible to the filter, configuration information 
corresponding to the first device, the configuration information identifying; 



759305.1 



Serial No.: 09/75 1,684 -4- Art Unit: 2187 

Conf.No.: 9139 

(1) each of the plurality of logical devices to which data access by the first 
device is authorized; and 

(2) each of the plurality of logical devices to which non-media access by the 
first device is authorized. 

1 1 . (Original) The method of claim 1, further including an act of: 

(c) determining whether an access request by the first device is one of a data access 
request and a non-media access request. 

12. (Original) The method of claim 1 , wherein the shared resource is a storage 

system; 

wherein the act (a) includes an act of, in response to the non media access request by the 
first device to a logical volume of data at the storage system for which the first device has no 
data access privileges, determining whether the first device is authorized to have non-media 
access to the logical volume; and 

wherein the act (b) includes an act of authorizing the non media access request when it is 
determined in the act (a) that the first device is authorized to have non-media access to the 
logical volume. 

13. (Original) The method of claim 12, wherein the acts (a) and (b) are performed by 
the storage system. 

14. (Original) The method of claim 12, wherein the acts (a) and (b) are performed 
outside of the storage system. 

15. (Currently Amended) A method for managing access to a storage system by a 
plurality of devices that are coupled to the storage system via a network, the storage system 
including a plurality of logical volumes of data, the method including acts of: 

(a) maintaining, in a data structure that is accessible to a filter that controls access to 
each of the plurality of logical volumes, configuration information identifying each logical 
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volume of the plurality of logical volumes to which data access by a first device of the plurality 
of devices is authorized; 

(b) in response to a non-media access request by the first device to a first logical 
volume for which the first device has no data access privileges, determinin g, based, at least in 
part, on an identity of the first device, whether the first device is authorized to have non-media 
access to the first logical volume; and 

(c) authorizing the non-media access request when it is determined in the act (b) that 
the first device is authorized to have non-media access to the first logical volume. 

1 6. (Original) The method of claim 1 5, further including an act of: 

(d) denying the non-media access request when it is determined in the act (b) that the 
first device is not authorized to have non-media access to the first logical volume. 

17. . (Original) The method of claim 16, wherein the act (c) includes an act of: 
forwarding the non-media access request to a physical device corresponding to the first 

logical volume. 

18. (Original) The method of claim 1 5, wherein the act (c) includes an act of: 
forwarding the non-media access request to a physical device corresponding to the first 

logical volume. 

19. (Original) The method of claim 15, further including acts of: 

(d) in response to a data access request by the first device to the first logical volume, 
determining whether the first device has data access privileges to the first logical volume; and 

(e) authorizing the data access request when it is determined in the act (d) that the 
first device has data access privileges to the first logical volume. 

20. (Original) The method claim 19, further including an act of: 

(f) denying the data access request when it is determined in the act (d) that the first 
device has no data access privileges to the first logical volume. 
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2 1 . (Original) The method of claim 1 5, wherein the filter is in the storage system and 
wherein the acts (a), (b), and (c) are performed by the storage system. 

22. (Original) The method of claim 15, wherein the filter is outside of the storage 
system, and wherein the acts (a), (b), and (c) are performed outside of the storage system. 

23. (Original) The method of claim 15, further including an act of: 

(d) determining whether an access request by the first device is one of a data access 
request and a non-media access request. 

24. (Original) The method of claim 15, wherein the non-media access request is an 
availability request to determine an availability of the first logical volume, and wherein the act 
(c) includes an act of: 

forwarding the availability request to a physical storage device corresponding to the first 
logical volume. 

25. (Original) The method of claim 15, wherein the act (a) includes an act of: 
maintaining, in the data structure that is accessible to the filter, configuration information 

that includes first configuration information identifying each logical volume of the plurality of 
logical volumes to which data access by the first device is authorized and second configuration 
information identifying whether non-media access is authorized to each of the plurality of logical 
volumes for which the first configuration information identifies that no data access is authorized 
for the first device. 

26. (Original) The method of claim 25, wherein the act (b) includes an act of: 
examining the second configuration information to determine whether the first device is 

authorized to have non-media access to the first logical volume. 

27. (Original) The method of claim 15, wherein the act (a) includes an act of: 
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maintaining, in the data structure that is accessible to the filter, configuration information 
that identifies each logical volume of the plurality of logical volumes to which data access by the 
first device is authorized and each of the plurality of logical volumes to which non-media access 
by the first device is authorized. 

28. (Currently Amended) An apparatus for use in a computer system including a 
plurality of devices, a shared resource, and a network that couples the plurality of devices to the 
shared resource, the apparatus comprising: 

an input to be coupled to the network; and 

at least one filter, coupled to the input, that is responsive to a non-media access request 
by a first of the plurality of devices to a logical device at the shared resource for which the first 
device has no data access privileges, to determine , based, at least in part, on an identity of the 
first device, whether the first device is authorized to have non-media access to the logical device, 
and to authorize the non-media access request when it is determined that the first device is 
authorized to have non-media access to the logical device. 

29. (Original) The apparatus of claim 28, wherein when it is determined that the first 
device is not authorized to have non-media access to the logical device, the at least one filter 
denies the non-media access request. 

30. (Original) The apparatus of claim 29, wherein the shared resource includes a 
plurality of storage devices coupled to the at least one filter, and wherein when it is determined 
that the first device is authorized to have non-media access to the logical device, the at least one 
filter forwards the non-media access request to a storage device corresponding to the logical 
device. 

3 1 . (Original) The apparatus of claim 28, wherein when it is determined that the first 
device is not authorized to have non-media access to the logical device, the at least one filter 
ignores the non-media access request. 



759305.1 



Serial No.: 09/751,684 - 8 - Art Unit: 2187 

Conf.No.: 9139 

32. (Original) The apparatus of claim 28, wherein: 

the shared resource includes a plurality of storage devices coupled to the at least one 

filter; 

the non-media access request is an availability request to determine an availability of the 
logical device; and 

when it is determined that the first device is authorized to have non-media access to the 
logical device, the at least one filter forwards the request to a storage device corresponding to the 
logical device. 

33. (Original) The apparatus of claim 28, wherein in response to a data access 
request by the first device to the logical device, the at least one filter determines whether the first 
device has data access privileges to the logical device; 

wherein the at least one filter authorizes the data access request when it is determined that 
the first device has data access privileges to the logical device; and 

wherein the at least one filter denies the data access request when it is determined that the 
first device has no data access privileges to the logical device. 

34. (Original) The apparatus of claim 28, wherein the apparatus further comprises: 
a data structure, accessible to the at least one filter, that stores configuration information 

corresponding to the first device that includes first configuration information identifying each of 
a plurality of logical devices at the shared resource to which data access by the first device is 
authorized, and second configuration information identifying whether non-media access is 
authorized to each of the plurality of logical devices for which the first configuration information 
identifies that no data access is authorized for the first device. 

35. (Original) The apparatus of claim 34, wherein the at least one filter examines the 
second configuration information corresponding to the first device to determine whether the first 
device is authorized to have non-media access to the logical device. 

36. (Original) The apparatus of claim 28, wherein the apparatus further comprises: 
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a data structure, accessible to the at least one filter, that stores configuration information 
corresponding to the first device that identifies each of a plurality of logical devices at the shared 
resource to which data access by the first device is authorized and each of the plurality of logical 
devices to which non-media access by the first device is authorized. 

37. (Original) The apparatus of claim 28, wherein in response to an access request by 
the first device to the logical device, the at least one filter examines the access request to 
determine whether the access request is one of a data access request and a non-media access 
request. 

38. (Original) The apparatus of claim 28, wherein the shared resource is a storage 

system; 

wherein the logical device is a logical volume of data stored at the storage system; and 
wherein in response to the non media access request by the first device to the logical 
volume of data at the storage system for which the first device has no data access privileges, the 
at least one filter determines whether the first device is authorized to have non-media access to 
the logical volume, and authorizes the non media access request when it is determined that the 
first device is authorized to have non-media access to the logical volume. 

39. (Original) The apparatus of claim 38, in combination with the storage system, 
wherein the at least one filter and the input each is disposed within the storage system. 

40. (Original) The apparatus of claim 38, further comprising: 

a data structure, accessible to the at least one filter, that stores configuration information 
corresponding to the first device that includes first configuration information identifying each of 
a plurality of logical volumes of data stored at the storage system to which data access by the 
first device is authorized, and second configuration information identifying whether non-media 
access is authorized to each of the plurality of logical volumes for which the first configuration 
information identifies that no data access is authorized for the first device. 
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41 . (Original) The apparatus of claim 40, in combination with the storage system, 
wherein the at least one filter, the input, and the data structure each is disposed within the storage 
system. 

42. (Original) The apparatus of claim 38, wherein the at least one filter and the input 
each is disposed outside of the storage system. 

43. (Original) A computer readable medium, comprising: 

a data structure relating to access management by a plurality of network devices to data 
stored on a plurality of logical devices of a shared resource, the data structure including a 
plurality of records each corresponding to one of the plurality of network devices, a first record 
of the plurality of records corresponding to a first of the plurality of network devices and 
including configuration information identifying each logical device of the plurality of logical 
devices to which data access by the first network device is authorized, the first record 

further including visibility information identifying whether the first network device is 
authorized to have non-media access to a first logical device of the plurality of logical devices 
when the configuration information corresponding to the first network device identifies that no 
data access to the first logical device from the first network device is authorized. 

44. (Original) The computer readable medium of claim 43, wherein the first record 
further includes visibility information identifying whether the first network device is authorized 
to have non-media access to each' logical device of the plurality of logical devices when the 
configuration information corresponding to the first network device identifies that no data access 
to at least one of the plurality of logical devices is authorized. 

45. (Original) The computer readable medium of claim 43, wherein each respective 
record of the plurality of records includes configuration information identifying each logical 
device of the plurality of logical devices to which data access by a respective network device is 
authorized, each respective record further including visibility information identifying whether 
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the respective network device is authorized to have non-media access to each logical device of 
the plurality of logical devices. 

46. (Original) The computer readable medium of claim 43, wherein each respective 
record of the plurality of records includes configuration information identifying each logical 
device of the plurality of logical devices to which data access by a respective network device is 
authorized, each respective record further including visibility information identifying whether 
the respective network device is permitted to have non-media access to a respective logical 
device of the plurality of logical devices when the configuration information identifies that no 
data access to the respective logical device from the respective network device is authorized. 

47. (Original) The computer readable medium of claim 43, in combination with the 
shared resource, wherein the shared resource is storage system, and wherein the computer 
readable medium is a storage device of the storage system. 

48. (Currently Amended) An apparatus for use in a computer system including a 
plurality of devices, a storage system, and a network that couples the plurality of devices to the 
storage system, the apparatus comprising: 

an input to be coupled to the network; 

a data structure that stores configuration information identifying each logical volume of 
data of a plurality of logical volumes of data stored on the storage system to which data access 
by a first device of the plurality of devices is authorized; and 

at least one filter, coupled to the input, that is responsive to a non-media access request 
by the first device to a first logical volume of data of the plurality of logical volumes of data for 
which the first device has no data access privileges, to determine , based, at lea st in part, on an 
identity of the first device, whether the first device is authorized to have non-media access to the 
first logical volume of data, and to authorize the non-media access request when it is determined 
that the first device is authorized to have non-media access to the first logical volume of data. 
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49. (Original) The apparatus of claim 48, wherein when it is determined that the first 
device is not authorized to have non-media access to the first logical volume of data, the at least 
one filter denies the non-media access request. 

50. (Original) The apparatus of claim 49, wherein the storage system includes a 
plurality of storage devices coupled to the at least one filter, and wherein when it is determined 
that the first device is authorized to have non-media access to the first logical volume of data, the 
at least one filter forwards the non-media access request to a storage device corresponding to the 
first logical volume of data. 

5 1 . (Original) The apparatus of claim 48, wherein when it is determined that the first 
device is not authorized to have non-media access to the first logical volume of data, the at least 
one filter ignores the non-media access request. 

52. (Original) The apparatus of claim 48, wherein in response to a data access 
request by the first device to the first logical volume of data, the at least one filter determines, 
based upon the configuration information stored in the data structure, whether the first device has 
data access privileges to the first logical volume of data; 

wherein the at least one filter authorizes the data access request when it is determined that 
the first device has data access privileges to the first logical volume of data; and 

wherein the at least one filter denies the data access request when it is determined that the 
first device has no data access privileges to the first logical volume of data. 

53. (Original) The apparatus of claim 48, wherein the configuration information 
stored in the data structure further identifies whether non-media access by the first device is 
authorized for each of the plurality of logical volumes of data stored on the storage system. 

54. (Original) The apparatus of claim 48, wherein the configuration information 
stored in the data structure is first configuration information, the data structure further including 
second configuration information that identifies whether non-media access is authorized to each 



759305.1 



SerialNo.: 09/751,684 - 13 - Art Unit: 2187 

Conf.No.: 9139 

of the plurality of logical volumes of data for which the first configuration identifies that no data 
access is authorized for the first device. 

55. (Original) The apparatus of claim 54, wherein the at least one filter examines the 
second configuration information to determine whether the first device is authorized to have non- 
media access to the logical device. 

56. (Original) The apparatus of claim 48, wherein in response to an access request by 
the first device to the first logical volume of data, the at least one filter examines the access 
request to determine whether the access request is one of a data access request and a non-media 
access request. 

57. (Original) The apparatus of claim 48, in combination with the storage system, 
wherein the at least one filter, the input, and the data structure each is disposed within the storage 
system. 

58. (Previously Presented) The apparatus of claim 48, wherein the at least one filter, 
the data structure, and the input each is disposed outside of the storage system. 

59. (Original) The apparatus of claim 48, in combination with the storage system, 
wherein the at least one filter and the input each is disposed within the storage system, and 
wherein the data structure is disposed outside of the storage system. 

60. (Original) A storage system, comprising: 

a plurality of storage devices that store a plurality of logical volumes of data; 

a data structure to store configuration information identifying whether a first network 
device of a plurality of network devices that are coupled to the storage system is authorized to 
access data on a first logical volume of the plurality of logical volumes; and 

a filter, responsive to the configuration information stored in the data structure, to 
selectively forward non-media access requests from the first network device to the first logical 
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volume when the configuration information identifies that no data access to the first logical 
volume from the first network device is authorized. 

61 . (Original) The storage system of claim 60, wherein the filter selectively forwards 
the non-media access request from the first network device to at least one of the plurality of 
storage devices that corresponds to the first logical volume when the configuration information 
identifies that no data access to the first logical volume from the first network device is 
authorized. 

62. (Original) The storage system of claim 60, wherein the configuration information 
further identifies whether the first network device is authorized to have non-media access to the 
first logical volume when no data access to the first logical volume from the first network device 
is authorized. 

63. (Original) The storage system of claim 62, wherein the filter forwards non-media 
access requests from the first network device to the first logical volume when the configuration 
information identifies that non-media access by the first network device to the first logical 
volume is authorized, and denies the non-media access request from the first network device to 
the first logical volume when the configuration information identifies that non-media access by 
the first network device to the first logical volume is not authorized and that no data access to the 
first logical volume from the first network device is authorized. 

64. (Original) The storage system of claim 63, wherein the filter, in response to an 
access request from the first network device to the first logical volume for which the 
configuration information identifies that no data access is authorized, examines the access 
request to determine whether the access request is one of a data access request and a non-media 
access request. 

65. (Original) The storage system of claim 60, wherein the filter, responsive to the 
configuration information stored in the data structure, forwards access requests from the first 
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network device to at least one of the plurality of storage device corresponding to the first logical 
volume when the configuration information identifies that data access to the first logical volume 
from the first network device is authorized. 

66. (Original) The storage system of claim 60, wherein the data structure includes a 
plurality of records each corresponding to a respective one of the plurality of network device, 
each of the plurality of records including first configuration information identifying each of the 
plurality of logical volumes to which data access by the respective one of the plurality of 
network devices is authorized, and second configuration information identifying whether non- 
media access to each of the plurality of logical volumes by the respective one of the plurality of 
network devices is authorized for which the first configuration information identifies that no data 
access by the respective one of the plurality of network device is authorized. 
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